pixelsage suggested an idea · Jun 04, 2019 at 10:48 PM · Account Management
PlayFab should make sure to stay on top of this new feature from Apple:
"Sign In with Apple will be available for beta testing this summer. It will be required as an option for users in apps that support third-party sign-in when it is commercially available later this year.
This means that, theoretically, anytime you see an option to sign-in to a service with Facebook or Google, you should also see an option to sign in with your Apple account. Thus, developers will be required to update their apps to integrate “Sign in with Apple.”"
Brandon Phillips commented · Jun 08, 2019 at 08:52 AM
I feel like since this is a "game breaker" for those that use any social login system on iOS, PlayFab might be "forced" to implement it if they want to keep offering any social login on an iOS platform by the time iOS 13 comes out.
Yeah, possibly. And I know it's been on Playfab's roadmap to get Game Center login working, too. Talk about untimely.
brandon commented · Jun 12, 2019 at 05:59 PM
It was already stated in the OP, but I wanted to include some references for those who are curious. Sign-In with Apple will indeed be required.
Sign In with Apple will be available for beta testing this summer. It will be required as an option for users in apps that support third-party sign-in when it is commercially available later this year.
Thanks! It definitely helps to have the official source referenced.
Fakhra AlMansouri commented · Jul 10, 2019 at 06:51 PM
I can confirm that Apple will make it mandatory for those apps which required sign in with Facebook or Google.
Brandon Phillips commented · Oct 22, 2019 at 02:19 AM
Unfortunately it is now a requirement, which means it will likely need to be supported by PlayFab. However, it may be possible to use the PlayFab LoginWithOpenIdConnect API as it seems Sign in with Apple uses Open ID. Anyone have any experience with this?
What Apple did was add an OIDC-based auth. We checked, and their JWT was lacking a nonce, which is non-standard, but we updated our OIDC login to allow for that. Unfortunately, we've also found in testing that their known-good configuration file also violates the OIDC spec by having a mismatch between the issuer and the URL. We're investigating to see if we can work around that (our OIDC library follows the standard, which is why it's tricky).
@Brendan Thanks for the info. We got our Title to successfully link to "Sign in with Apple" using CreateOpenIdConnection, but unfortunately the actual sign-in doesn't work in-client, and the error returned is
Signature validation failed. Unable to match keys:
Brandon Phillips commented · Nov 14, 2019 at 08:35 PM
We've finally gotten it working with PlayFab's LoginWithOpenIdConnect API! The Connection ID and Client ID need to both be the Client ID used in Apple's service setup, and the Client Secret can be generated with a variety of languages (ruby and python are easiest)
From Citrus Yan on the other thread:
"And, you can make a feature request about LoginWithOpenIdConnect API taking in an endpoint instead of a ConnectionID."
It sounds like this wasn't necessary? Was there anything changed by PlayFab in the process of getting it working?
What about Linking an Apple account? We would want to support this as well, when they chose "Continue as Guest" at first.
I'm trying to figure out how much time this is going to take, and if instead I need to not have any other login methods like Facebook (until PlayFab supports Sign in with Apple and LinkAppleAccount). But I believe if I only sign in with DeviceID, that would mean there would be no way to share the same PlayFab account between your iPhone and your iPad.
Hayrettin Yucel commented · Dec 17, 2019 at 02:43 PM
This feature request marked as completed. What does that mean?
It's available now using OpenIDConnect (see my comment above yours)
Dyon Ng commented · Dec 18, 2019 at 03:41 PM
I'm having issues getting this to work. When I make a LoginWithOpenIdConnect request, I get an error from PlayFab:
{"code":403,"status":"Forbidden","error":"NotAuthorized","errorCode":1089,"errorMessage":"Value cannot be null.\r\nParameter name: key"}
POST https://{{TitleID}}.playfabapi.com/Client/LoginWithOpenIdConnect Content-Type: application/json { "ConnectionId": "com.company.clientid", // sign-in-with-apple service id "IdToken": "eyJraWQiOiJ...", // jwt id_token from apple "CreateAccount": true }
ConnectionId: "com.company.clientId", // sign-in-with-apple service id ClientId: "com.company.clientId", // same as above ClientSecret: "eyJhbGciO..." // generated with p8 file, clientId, teamId, keyId Issuer: "https://appleid.apple.com/auth/keys" // shows up blank now
Uncaught TypeError: PlayFab.ClientApi[method] is not a function at Object.makeClientAPICall (tools.js?t=20190314:176) at HTMLButtonElement.<anonymous> (tools.js?t=20190314:71) at HTMLButtonElement.dispatch (lib.js?t=20190314:2) at HTMLButtonElement.q.handle (lib.js?t=20190314:2)
There is a guide that is in-progress for this. I don't have an exact ETA release date on the documentation. But the document is complete and it just needs to be added to the docs.microsoft.com/gaming/playfab documentation portal. I suspect that it should be available sometime between now and the end of next week.
MarcoWilliamsPF commented · Jan 02, 2020 at 07:17 PM
Per my last comment, I stand corrected. The document is already up. @Dyon Ng
https://docs.microsoft.com/en-us/gaming/playfab/features/authentication/platform-specific-authentication/apple-open-id
Ah, this wasn't there when I last checked for a guide. I'll give this a shot, thanks a bunch.
Dyon, did the document give you the information that you needed?
Mostly good until creating an OpenID Connection in Title Settings. Using Issuer: https://appleid.apple.com caused an error upon saving. Instead, we used the Admin REST API, CreateOpenIdConnection, with:
{ ConnectionId: "com.company.product", ClientId: "com.company.product", ClientSecret: "clientSecret", IssueDiscoveryUrl: "https://appleid.apple.com/.well-known/openid-configuration", IssuerInformation: { Issuer: "https://appleid.apple.com", AuthorizationUrl: "https://appleid.apple.com/auth/authorize", TokenUrl: "https://appleid.apple.com/auth/token", JsonWebKeySet: { "keys": [{ "kty": "RSA", "kid": "AIDOPK1", "use": "sig", "alg": "RS256", "n": "lxrwmuYSAsTfn-lUu4goZSXBD9ackM9OJuwUVQHmbZo6GW4Fu_auUdN5zI7Y1dEDfgt7m7QXWbHuMD01HLnD4eRtY-RNwCWdjNfEaY_esUPY3OVMrNDI15Ns13xspWS3q-13kdGv9jHI28P87RvMpjz_JCpQ5IM44oSyRnYtVJO-320SB8E2Bw92pmrenbp67KRUzTEVfGU4-obP5RZ09OxvCr1io4KJvEOjDJuuoClF66AT72WymtoMdwzUmhINjR0XSqK6H0MdWsjw7ysyd_JhmqX5CAaT9Pgi0J8lU_pcl215oANqjy7Ob-VMhug9eGyxAWVfu_1u6QJKePlE-w", "e": "AQAB" }] } } }
edwarddennekamp commented · Mar 10, 2020 at 02:36 PM
Has anyone actually managed to get Apple Sign in to work with Unity and PlayFab, and if so what are the steps, the documentation linked here is very weak, it doesn't even mention OpenId at all.
The documentation is updated for the NEW Apple Add-on. It no longer requires setting up OpenID. However, with Unity, I'm not sure if there's a Sign in with Apple plugin yet. You may have to setup your own native method of retrieving Apple's JWT Identity Token within XCode.
See https://blogs.unity3d.com/2019/09/19/support-for-apple-sign-in/. Support for it is practically non-existent.
I've managed to get a couple of Unity apps through Apple submission.
Dyon Ng commented · Mar 10, 2020 at 09:20 PM
The new Apple Add-on is great and simple to use. However, it only works with AppStore listings whereas the old OpenID connection method could let any platform (Web, Windows, etc) use Sign in with Apple for authentication. Any plans on having both options, Apple Add-on and OpenId, available in the future?
We would love to know what you need. Submit your ideas and upvote others to help us prioritize.